Imagine a car equipped with nothing more than a laptop, a portable GPS receiver, and a wireless network card cruising slowly through your neighborhood. Unknown to viewers, this is no ordinary vehicle; rather, it is a save machine. As the car passes homes and businesses, a wireless network card (available at any electronics store for as little as $25) scans for any wireless access points. Anyone with a wireless network (and there are many out there) is vulnerable. The computer is looking for what is called an SSID. An SSID is the name of your wireless network and is constantly broadcast by your access point, letting computers know of your presence. The war controller uses software like Netstumbler (for Windows) or Cismet (for Linux) to scan the radio waves for SSIDs. The program can track multiple access points at once and monitor signal strength. These programs can also check if the network is encrypted. The war controller will usually configure their software to log any strong unencrypted signals. Using the GPS receiver, the coordinates of the strong signal will be recorded. After this preliminary walkthrough, the wardriver can return to the locations that were recorded and connect to the access point. Once connected to an unencrypted network, the war controller can use the victim’s Internet access and can also explore the computers on the network. If files are shared within someone’s private network, all of that information is susceptible to a war controller. Also, once on the network, a wardriver can sniff network traffic and see any information, such as passwords and credit card numbers, that you send to the Internet, even data protected by SSL. The vulnerability of wireless networks is a major problem, and as more and more homes purchase wireless technology, the problem of insecure networks is increasing. Sound scary? Well, this happens every day, and you don’t need to be an expert to do it. However, you don’t have to be an expert to protect yourself against either.
Steps you can take to protect yourself against wardrivers:
There are a few very simple steps you can take to protect your wireless network. For many of these, you’ll need to go into your router’s configuration utility (check your router’s manual on how to do this, you’ll usually need to type an IP address into your browser, such as 192.168.0.1 or 192.168.1.1).
Do not broadcast your SSID. If you’re broadcasting your SSID, this is the first thing a program will pick up and recognize. If you set your router not to broadcast your SSID, it will be difficult to detect (but not impossible, as some programs can sniff wireless communication, so if you’re using your wireless network, the SSID may be revealed). If you’re not broadcasting your SSID, but it can be guessed (for example, if you’re using a default SSID), cloaking doesn’t make sense. Because of this, remember to change your factory default SSID. This is not a 100 percent effective method of securing your network, but it is a good first line of defense.
Change the default password. When you buy a router, a factory password is stored. People with experience in working with routers know the default passwords for different routers (and the brand of the router can be seen using wardriver software such as netstumbler). It is important that you secure your router with a good password.
Encrypt your wireless communication. I cannot stress the importance of encrypting your wireless communication enough. Enable encryption and enter a key. Most routers are only capable of WEP encryption, but if they allow it, use EAP encryption, it is more secure than WEP. Just like cloaking your SSID, encryption isn’t 100 percent secure. With enough time and determination, if someone wants to approach you and access your network, WEP encryption can be bypassed using software like AirSnort.
Filter the MAC addresses that can connect to your router. This will require you to enter your router’s settings and enter the MAC address of each wireless card you have. This will restrict access so that only your computers can connect to the router. You will need to obtain the MAC address (which is the individually identifiable address of a network card in the form of a 12-digit hexadecimal number). If someone sniffs the traffic and detects the MAC address of a computer wirelessly using your network, the wardriver could emulate that address and connect to the router, but this takes time.
If you set up file sharing on your computers, make sure it is password protected. You should not share files on your networked computers unless you require an authenticated user to gain access. Set up the same user accounts on your machines so your computers can share files.
With these relatively simple steps, wireless network users can protect their networks from controllers. Wireless networks are inherently insecure, and these tips will simply help you better protect your network. If someone is really determined to gain access to your network, given enough time, a good hacker can gain access. However, these tips will discourage the average war driver from gaining access to your network. While these methods are not definitive security measures, they will change your network from something that can be hacked in a matter of seconds, to something that will take a given hacker days, if not weeks, of work, all of which will have to be done. while in close proximity to your network.
